A new ransomware group known as Red Ransomware Group (Red CryptoApp) has been discovered by cybersecurity researchers at Netenrich. This group has taken a unique approach to their extortion tactics by publicly listing the names of companies they have successfully targeted on a “wall of shame” in an attempt to pressure them into paying the ransom.
The origins of the Red CryptoApp ransomware are still unknown, but it is believed that the group began their operations in February 2024. Researchers have noted similarities between the ransomware notes written by Red CryptoApp and the Maze ransomware gang from 2020, although it is unclear if there is a direct connection between the two.
The primary targets of the Red CryptoApp ransomware group include the United States, Denmark, India, Spain, Italy, Singapore, and Canada, with the software and manufacturing sectors being the most frequently targeted industries. Other sectors such as education, construction, hospitality, and IT have also been affected.
To protect against ransomware attacks like Red CryptoApp, organizations are advised to regularly backup their data, practice proper security measures, and educate users on phishing attempts, which are often used as an entry point for ransomware attacks.
In related news, the LockBit Ransomware Gang has made a return and is taunting the FBI, while ransomware attacks are now targeting backups. TeamViewer has also been exploited to deploy ransomware, and a dark web tool is being used to target the aviation industry. Additionally, a US-led alliance of 40 countries has formed to combat the rising threat of ransomware attacks.
